CA2094026A1 - Method and apparatus for personal identification - Google Patents

Method and apparatus for personal identification

Info

Publication number
CA2094026A1
CA2094026A1 CA2094026A CA2094026A CA2094026A1 CA 2094026 A1 CA2094026 A1 CA 2094026A1 CA 2094026 A CA2094026 A CA 2094026A CA 2094026 A CA2094026 A CA 2094026A CA 2094026 A1 CA2094026 A1 CA 2094026A1
Authority
CA
Canada
Prior art keywords
code
pin
verification
nonpredictable
computer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CA2094026A
Other languages
French (fr)
Other versions
CA2094026C (en
Inventor
Keneth P. Weiss
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
EMC Corp
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US07/597,784 external-priority patent/US5097505A/en
Priority claimed from US07/670,705 external-priority patent/US5168520A/en
Application filed by Individual filed Critical Individual
Publication of CA2094026A1 publication Critical patent/CA2094026A1/en
Application granted granted Critical
Publication of CA2094026C publication Critical patent/CA2094026C/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/313User authentication using a call-back technique via a telephone network
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/32Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • G07C9/33Individual registration on entry or exit not involving the use of a pass in combination with an identity check by means of a password
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1016Devices or methods for securing the PIN and other transaction-data, e.g. by encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103Challenge-response

Landscapes

  • Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Finance (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Discharge Of Articles From Conveyors (AREA)
  • Control Of Vending Devices And Auxiliary Devices For Vending Devices (AREA)

Abstract

A method and apparatus for providing improved security for a personal identification number (PIN) in a personal ident-ification and verification system of the type wherein a time de-pendent nonpredictable code is generated at a device in the pos-session of the individual (36), which code is unique to the indi-vidual and this code is communicated to, and compared with a nonpredictable code generated at a central verification compu-ter (46). In this system, the PIN is mixed with the nonpredic-table code before transmission of these values to the central ver-ification computer (38). A nonsecret code (30) is previously transmitted to the central verification computer and is used by the verification computer to retrieve the PIN and independently generate the time dependent appropriate nonpredictable code for the user (74). These retrieved PIN and generated code va-lues are used by the verification computer either (a) to strip the PIN from the transmitted nonpredictable code (42) and the stripped PIN and remaining nonpredictable code are compared with the corresponding retrieved values in order to determine verification (44, 46); or (b) to be mixed and then compared with the mixed PIN and code which is transmitted to the verification computer (144).
CA002094026A 1990-10-19 1991-04-30 Method and apparatus for personal identification Expired - Lifetime CA2094026C (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US07/597,784 US5097505A (en) 1989-10-31 1990-10-19 Method and apparatus for secure identification and verification
US597,784 1990-10-19
US07/670,705 US5168520A (en) 1984-11-30 1991-03-18 Method and apparatus for personal identification
US670,705 1991-03-18

Publications (2)

Publication Number Publication Date
CA2094026A1 true CA2094026A1 (en) 1992-04-20
CA2094026C CA2094026C (en) 1996-07-30

Family

ID=27082908

Family Applications (1)

Application Number Title Priority Date Filing Date
CA002094026A Expired - Lifetime CA2094026C (en) 1990-10-19 1991-04-30 Method and apparatus for personal identification

Country Status (6)

Country Link
EP (1) EP0555219B1 (en)
JP (1) JPH06507277A (en)
AU (1) AU649190B2 (en)
CA (1) CA2094026C (en)
DE (2) DE69133047T2 (en)
WO (1) WO1992007436A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9667423B2 (en) 2010-09-27 2017-05-30 Nokia Technologies Oy Method and apparatus for accelerated authentication

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB9321357D0 (en) * 1993-10-15 1993-12-22 British Telecomm Personal identification systems
US5724423A (en) * 1995-09-18 1998-03-03 Telefonaktiebolaget Lm Ericsson Method and apparatus for user authentication
FR2774238B1 (en) * 1998-01-26 2000-02-11 Alsthom Cge Alcatel METHOD FOR TRANSFERRING INFORMATION BETWEEN A SUBSCRIBER IDENTIFICATION MODULE AND A MOBILE RADIO COMMUNICATION TERMINAL, CORRESPONDING SUBSCRIBER IDENTIFICATION MODULE AND MOBILE TERMINAL
WO2001045008A1 (en) 1999-12-16 2001-06-21 Debit.Net, Inc. Secure networked transaction system
US7237117B2 (en) 2001-03-16 2007-06-26 Kenneth P. Weiss Universal secure registry
US8224887B2 (en) 2003-03-26 2012-07-17 Authenticatid, Llc System, method and computer program product for authenticating a client
SG126766A1 (en) * 2004-06-10 2006-11-29 Oneempower Pte Ltd Data storage method and system
GB2434014A (en) * 2006-01-10 2007-07-11 Clive Leader Transaction verification using signed data combination
EP1987463A1 (en) 2006-02-21 2008-11-05 WEISS, Kenneth P. Method and apparatus for secure access payment and identification
US8234220B2 (en) 2007-02-21 2012-07-31 Weiss Kenneth P Universal secure registry
US11227676B2 (en) 2006-02-21 2022-01-18 Universal Secure Registry, Llc Universal secure registry
GB2435533B (en) * 2006-11-23 2008-03-05 Richard Mervyn Gardner Integrated systems for simultaneous mutual authentication of database and user
EP2248059B1 (en) * 2008-02-26 2015-11-25 Universal Secure Registery, LLC Universal secure registry
WO2010090602A1 (en) * 2009-02-04 2010-08-12 Data Security Systems Solutions Pte Ltd Transforming static password systems to become 2-factor authentication
WO2011141062A1 (en) * 2010-05-12 2011-11-17 Novelty Group Limited Payment system, procedure for producing at least one code pair for authorizing a debit operation, and method for carrying out a payment operation
US8613052B2 (en) 2010-09-17 2013-12-17 Universal Secure Registry, Llc Apparatus, system and method employing a wireless user-device
JP6222692B2 (en) * 2013-09-26 2017-11-01 国立大学法人東京工業大学 Confidential biometric server authentication

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2394131A1 (en) * 1977-06-07 1979-01-05 Cii Honeywell Bull INFORMATION PROCESSING SYSTEM PROTECTING THE SECRET OF CONFIDENTIAL INFORMATION
US4578530A (en) * 1981-06-26 1986-03-25 Visa U.S.A., Inc. End-to-end encryption system and method of operation
DE3222288A1 (en) * 1982-06-14 1983-12-22 Weise, Gustav, 8000 München Identification means with microprocessor and input keypad
DE3225754A1 (en) * 1982-07-09 1984-01-12 Hülsbeck & Fürst GmbH & Co KG, 5620 Velbert METHOD FOR THE LOCKING EFFECTIVE INTERACTION OF A KEY-LIKE PART WITH A LOCK-LIKE PART
US4599489A (en) * 1984-02-22 1986-07-08 Gordian Systems, Inc. Solid state key for controlling access to computer software
US4819267A (en) * 1984-02-22 1989-04-04 Thumbscan, Inc. Solid state key for controlling access to computer systems and to computer software and/or for secure communications
US4856062A (en) * 1984-11-30 1989-08-08 Kenneth Weiss Computing and indicating device
US4885778A (en) * 1984-11-30 1989-12-05 Weiss Kenneth P Method and apparatus for synchronizing generation of separate, free running, time dependent equipment
US4720860A (en) * 1984-11-30 1988-01-19 Security Dynamics Technologies, Inc. Method and apparatus for positively identifying an individual
US4802216A (en) * 1985-11-22 1989-01-31 Allied-Signal Inc. Interrogator and transponder test equipment
EP0246823A3 (en) * 1986-05-22 1989-10-04 Racal-Guardata Limited Data communication systems and methods
US4731841A (en) * 1986-06-16 1988-03-15 Applied Information Technologies Research Center Field initialized authentication system for protective security of electronic information networks

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9667423B2 (en) 2010-09-27 2017-05-30 Nokia Technologies Oy Method and apparatus for accelerated authentication
US9979545B2 (en) 2010-09-27 2018-05-22 Nokia Technologies Oy Method and apparatus for accelerated authentication

Also Published As

Publication number Publication date
DE69133047T2 (en) 2002-11-14
DE555219T1 (en) 1996-11-28
CA2094026C (en) 1996-07-30
AU649190B2 (en) 1994-05-12
EP0555219B1 (en) 2002-06-26
JPH06507277A (en) 1994-08-11
AU7981691A (en) 1992-05-20
EP0555219A1 (en) 1993-08-18
WO1992007436A1 (en) 1992-04-30
EP0555219A4 (en) 1998-05-06
DE69133047D1 (en) 2002-08-01

Similar Documents

Publication Publication Date Title
CA2094026A1 (en) Method and apparatus for personal identification
ES8205923A1 (en) Keyboard operated security apparatus.
WO2001088661A3 (en) System and method for providing access to forms and maintaining the data used to complete the forms
NO921848L (en) SILICO SOLAS, PROCEDURE FOR PREPARING THEREOF, AND USING THE SOLES.
GB2178211B (en) Control system
EP0304866A3 (en) System for ensuring device compatibility
DE3854445D1 (en) Device for encoding and transmitting images.
CA2016935A1 (en) Telephone apparatus using a detachable memory device
CA2076610A1 (en) Generating system of random-number sequences for a parallel computer system
CA2192310A1 (en) Pre-paid card system and method
CA2026739A1 (en) Transaction system security method and apparatus
ATE80485T1 (en) METHOD OF ATTESTING THE AUTHENTICITY OF DATA EXCHANNED BY TWO DEVICES CONNECTED LOCALLY OR REMOTELY BY A COMMUNICATION LINE.
EP0576224A3 (en) Cryptographic key management apparatus and method.
EP0366434A3 (en) Quasi-fair arbitration scheme with default owner speedup
AU1161688A (en) Authenticating pseudo-random code and apparatus
CA2019151A1 (en) Vector data retrieval apparatus
ATE246829T1 (en) DEVICE AND METHOD FOR PROTECTED DATA TRANSMISSION
WO2001033388A3 (en) Method and system for multi-user access of a database over a network
SE8602323D0 (en) WAY TO PREVENT UNAUTHORIZED ACCESS OF INFORMATION
JPS643772A (en) Sentence processing unit
Kaplinski et al. Some aspects of sensitivity analysis in the entropy method.
EP0254565A3 (en) Methods of and apparatus for forming identification data
JPS5338239A (en) Slip verifying equipment
EP0276815A3 (en) Transaction processing apparatus having external memory apparatuses connected thereto
JPS5533272A (en) Information input equipment

Legal Events

Date Code Title Description
EEER Examination request
MKEX Expiry